import moment from 'moment-timezone';
import windowProxy from 'ghost-admin/utils/window-proxy';
import {Response} from 'miragejs';
import {afterEach, beforeEach, describe, it} from 'mocha';
import {authenticateSession, invalidateSession} from 'ember-simple-auth/test-support';
import {
    blur,
    click,
    currentRouteName,
    currentURL,
    fillIn,
    find,
    findAll,
    focus,
    triggerEvent
} from '@ember/test-helpers';
import {enableLabsFlag} from '../helpers/labs-flag';
import {enableMembers} from '../helpers/members';
import {enableStripe} from '../helpers/stripe';
import {expect} from 'chai';
import {keyDown} from 'ember-keyboard/test-support/test-helpers';
import {setupApplicationTest} from 'ember-mocha';
import {setupMirage} from 'ember-cli-mirage/test-support';
import {submitForm} from '../helpers/forms';
import {visit} from '../helpers/visit';

describe('Acceptance: Staff', function () {
    let hooks = setupApplicationTest();
    setupMirage(hooks);

    it('redirects to signin when not authenticated', async function () {
        await invalidateSession();
        await visit('/settings/staff');

        expect(currentURL()).to.equal('/signin');
    });

    it('redirects correctly when authenticated as contributor', async function () {
        let role = this.server.create('role', {name: 'Contributor'});
        this.server.create('user', {roles: [role], slug: 'test-user'});

        this.server.create('user', {slug: 'no-access'});

        await authenticateSession();
        await visit('/settings/staff/no-access');

        expect(currentURL(), 'currentURL').to.equal('/settings/staff/test-user');
    });

    it('redirects correctly when authenticated as author', async function () {
        let role = this.server.create('role', {name: 'Author'});
        this.server.create('user', {roles: [role], slug: 'test-user'});

        this.server.create('user', {slug: 'no-access'});

        await authenticateSession();
        await visit('/settings/staff/no-access');

        expect(currentURL(), 'currentURL').to.equal('/settings/staff/test-user');
    });

    it('redirects correctly when authenticated as editor', async function () {
        let role = this.server.create('role', {name: 'Editor'});
        this.server.create('user', {roles: [role], slug: 'test-user'});

        this.server.create('user', {slug: 'no-access'});

        await authenticateSession();
        await visit('/settings/staff/no-access');

        expect(currentURL(), 'currentURL').to.equal('/settings/staff');
    });

    describe('when logged in as admin', function () {
        let admin, adminRole, suspendedUser;

        beforeEach(async function () {
            this.server.loadFixtures('roles');
            this.server.loadFixtures('settings');
            adminRole = this.server.schema.roles.find(1);
            enableMembers(this.server);
            enableStripe(this.server);
            enableLabsFlag(this.server, 'webmentions');

            admin = this.server.create('user', {email: 'admin@example.com', roles: [adminRole]});

            // add an expired invite
            this.server.create('invite', {expires: moment.utc().subtract(1, 'day').valueOf(), role: adminRole});

            // add a suspended user
            suspendedUser = this.server.create('user', {email: 'suspended@example.com', roles: [adminRole], status: 'inactive'});

            return await authenticateSession();
        });

        it('it renders and navigates correctly', async function () {
            let user1 = this.server.create('user');
            let user2 = this.server.create('user');

            await visit('/settings/staff');

            // doesn't do any redirecting
            expect(currentURL(), 'currentURL').to.equal('/settings/staff');

            // it has correct page title
            expect(document.title, 'page title').to.equal('Staff - Test Blog');

            // it shows active users in active section
            expect(
                findAll('[data-test-active-users] [data-test-user-id]').length,
                'number of active users'
            ).to.equal(3);
            expect(
                find(`[data-test-active-users] [data-test-user-id="${user1.id}"]`)
            ).to.exist;
            expect(
                find(`[data-test-active-users] [data-test-user-id="${user2.id}"]`)
            ).to.exist;
            expect(
                find(`[data-test-active-users] [data-test-user-id="${admin.id}"]`)
            ).to.exist;

            // it shows suspended users in suspended section
            expect(
                findAll('[data-test-suspended-users] [data-test-user-id]').length,
                'number of suspended users'
            ).to.equal(1);
            expect(
                find(`[data-test-suspended-users] [data-test-user-id="${suspendedUser.id}"]`)
            ).to.exist;

            await click(`[data-test-user-id="${user2.id}"]`);

            // url is correct
            expect(currentURL(), 'url after clicking user').to.equal(`/settings/staff/${user2.slug}`);

            // title is correct
            expect(document.title, 'title after clicking user').to.equal('Staff - User - Test Blog');

            // view title should exist and be linkable and active
            expect(
                find('[data-test-breadcrumb] a[href="/ghost/settings/staff"]').classList.contains('active'),
                'has linkable url back to staff main page'
            ).to.be.true;

            await click('[data-test-breadcrumb] a');

            // url should be /staff again
            expect(currentURL(), 'url after clicking back').to.equal('/settings');
        });

        it('can manage invites', async function () {
            await visit('/settings/staff');

            // invite user button exists
            expect(
                find('.view-actions .gh-btn-primary'),
                'invite people button'
            ).to.exist;

            // existing users are listed
            expect(
                findAll('[data-test-user-id]').length,
                'initial number of active users'
            ).to.equal(2);

            expect(
                find('[data-test-user-id="1"] [data-test-role-name]').textContent.trim(),
                'active user\'s role label'
            ).to.equal('Administrator');

            // existing invites are shown
            expect(
                findAll('[data-test-invite-id]').length,
                'initial number of invited users'
            ).to.equal(1);

            expect(
                find('[data-test-invite-id="1"] [data-test-invite-description]').textContent,
                'expired invite description'
            ).to.match(/expired/);

            // remove expired invite
            await click('[data-test-invite-id="1"] [data-test-revoke-button]');

            expect(
                findAll('[data-test-invite-id]').length,
                'initial number of invited users'
            ).to.equal(0);

            // click the invite people button
            await click('[data-test-button="invite-staff-user"]');

            // modal is displayed
            expect(
                find('[data-test-modal="invite-staff-user"]'),
                'correct modal is displayed'
            ).to.exist;

            // number of roles is correct
            expect(
                findAll('[data-test-option]').length,
                'number of selectable roles'
            ).to.equal(4);

            expect(
                find('[data-test-option="Contributor"]'),
                'contributor role is selected initially'
            ).to.have.class('active');

            // submit valid invite form
            await fillIn('.fullscreen-modal input[name="email"]', 'invite1@example.com');
            await click('[data-test-button="send-user-invite"]');

            // modal closes
            expect(
                findAll('[data-test-modal]').length,
                'number of modals after sending invite'
            ).to.equal(0);

            // invite is displayed, has correct e-mail + role
            expect(
                findAll('[data-test-invite-id]').length,
                'number of invites after first invite'
            ).to.equal(1);

            expect(
                find('[data-test-invite-id="2"] [data-test-email]').textContent.trim(),
                'displayed email of first invite'
            ).to.equal('invite1@example.com');

            expect(
                find('[data-test-invite-id="2"] [data-test-role-name]').textContent.trim(),
                'displayed role of first invite'
            ).to.equal('Contributor');

            expect(
                find('[data-test-invite-id="2"] [data-test-invite-description]').textContent,
                'new invite description'
            ).to.match(/expires/);

            // number of users is unchanged
            expect(
                findAll('[data-test-user-id]').length,
                'number of active users after first invite'
            ).to.equal(2);

            // submit new invite with different role
            await click('.view-actions .gh-btn-primary');
            await fillIn('.fullscreen-modal input[name="email"]', 'invite2@example.com');
            await click('[data-test-option="Editor"]');
            await click('[data-test-button="send-user-invite"]');

            // number of invites increases
            expect(
                findAll('[data-test-invite-id]').length,
                'number of invites after second invite'
            ).to.equal(2);

            // invite has correct e-mail + role
            expect(
                find('[data-test-invite-id="3"] [data-test-email]').textContent.trim(),
                'displayed email of second invite'
            ).to.equal('invite2@example.com');

            expect(
                find('[data-test-invite-id="3"] [data-test-role-name]').textContent.trim(),
                'displayed role of second invite'
            ).to.equal('Editor');

            // submit invite form with existing user
            await click('.view-actions .gh-btn-primary');
            await fillIn('.fullscreen-modal input[name="email"]', 'admin@example.com');
            await click('[data-test-button="send-user-invite"]');

            // validation message is displayed
            expect(
                find('.fullscreen-modal .error .response').textContent.trim(),
                'inviting existing user error'
            ).to.equal('A user with that email address already exists.');

            // submit invite form with existing invite
            await fillIn('.fullscreen-modal input[name="email"]', 'invite1@example.com');
            await click('[data-test-button="send-user-invite"]');

            // validation message is displayed
            expect(
                find('.fullscreen-modal .error .response').textContent.trim(),
                'inviting invited user error'
            ).to.equal('A user with that email address was already invited.');

            // submit invite form with an invalid email
            await fillIn('.fullscreen-modal input[name="email"]', 'test');
            await click('[data-test-button="send-user-invite"]');

            // validation message is displayed
            expect(
                find('.fullscreen-modal .error .response').textContent.trim(),
                'inviting invalid email error'
            ).to.equal('Invalid Email.');

            await click('.fullscreen-modal a.close');
            // revoke latest invite
            await click('[data-test-invite-id="3"] [data-test-revoke-button]');

            // number of invites decreases
            expect(
                findAll('[data-test-invite-id]').length,
                'number of invites after revoke'
            ).to.equal(1);

            // notification is displayed
            expect(
                find('.gh-notification:last-of-type').textContent.trim(),
                'notifications contain revoke'
            ).to.match(/Invitation revoked\s+invite2@example\.com/);

            // correct invite is removed
            expect(
                find('[data-test-invite-id] [data-test-email]').textContent.trim(),
                'displayed email of remaining invite'
            ).to.equal('invite1@example.com');

            // add another invite to test ordering on resend
            await click('.view-actions .gh-btn-primary');
            await fillIn('.fullscreen-modal input[name="email"]', 'invite3@example.com');
            await click('[data-test-button="send-user-invite"]');

            // new invite should be last in the list
            expect(
                find('[data-test-invite-id]:last-of-type [data-test-email]').textContent.trim(),
                'last invite email in list'
            ).to.equal('invite3@example.com');

            // resend first invite
            await click('[data-test-invite-id="2"] [data-test-resend-button]');

            // notification is displayed
            expect(
                find('.gh-notification:last-of-type').textContent.trim(),
                'notifications contain resend'
            ).to.match(/Invitation resent! \(invite1@example\.com\)/);

            // first invite is still at the top
            expect(
                find('[data-test-invite-id]:first-of-type [data-test-email]').textContent.trim(),
                'first invite email in list'
            ).to.equal('invite1@example.com');

            // regression test: can revoke a resent invite
            await click('[data-test-invite-id]:first-of-type [data-test-resend-button]');
            await click('[data-test-invite-id]:first-of-type [data-test-revoke-button]');

            // number of invites decreases
            expect(
                findAll('[data-test-invite-id]').length,
                'number of invites after resend/revoke'
            ).to.equal(1);

            // notification is displayed
            expect(
                find('.gh-notification:last-of-type').textContent.trim(),
                'notifications contain revoke after resend/revoke'
            ).to.match(/Invitation revoked\s+invite1@example\.com/);
        });

        it('can manage suspended users', async function () {
            await visit('/settings/staff');
            await click(`[data-test-user-id="${suspendedUser.id}"]`);

            expect(find('[data-test-suspended-badge]')).to.exist;

            await click('[data-test-user-actions]');
            await click('[data-test-unsuspend-button]');
            await click('[data-test-modal-confirm]');

            // NOTE: there seems to be a timing issue with this test - pausing
            // here confirms that the badge is removed but the andThen is firing
            // before the page is updated
            // andThen(() => {
            //     expect('[data-test-suspended-badge]').to.not.exist;
            // });

            await click('[data-test-staff-link]');
            // suspendedUser is now in active list
            expect(
                find(`[data-test-active-users] [data-test-user-id="${suspendedUser.id}"]`)
            ).to.exist;

            // no suspended users
            expect(
                findAll('[data-test-suspended-users] [data-test-user-id]').length
            ).to.equal(0);

            await click(`[data-test-user-id="${suspendedUser.id}"]`);

            await click('[data-test-user-actions]');
            await click('[data-test-suspend-button]');
            await click('[data-test-modal-confirm]');
            expect(find('[data-test-suspended-badge]')).to.exist;
        });

        it('can delete users', async function () {
            let user1 = this.server.create('user');
            let user2 = this.server.create('user');
            let post = this.server.create('post', {authors: [user2]});

            // we don't have a full many-to-many relationship in mirage so we
            // need to add the inverse manually
            user2.posts = [post];
            user2.save();

            await visit('/settings/staff');
            await click(`[data-test-user-id="${user1.id}"]`);

            // user deletion displays modal
            await click('button.delete');
            expect(
                findAll('[data-test-modal="delete-user"]').length,
                'user deletion modal displayed after button click'
            ).to.equal(1);

            // user has no posts so no warning about post deletion
            expect(
                findAll('[data-test-text="user-post-count"]').length,
                'deleting user with no posts has no post count'
            ).to.equal(0);

            // cancelling user deletion closes modal
            await click('[data-test-button="cancel-delete-user"]');
            expect(
                findAll('[data-test-modal]').length === 0,
                'delete user modal is closed when cancelling'
            ).to.be.true;

            // deleting a user with posts
            await visit('/settings/staff');
            await click(`[data-test-user-id="${user2.id}"]`);

            await click('button.delete');
            // user has  posts so should warn about post deletion
            expect(
                find('[data-test-text="user-post-count"]').textContent,
                'deleting user with posts has post count'
            ).to.have.string('1 post');

            await click('[data-test-button="confirm-delete-user"]');
            // redirected to staff page
            expect(currentURL()).to.equal('/settings/staff');

            // deleted user is not in list
            expect(
                findAll(`[data-test-user-id="${user2.id}"]`).length,
                'deleted user is not in user list after deletion'
            ).to.equal(0);
        });

        describe('existing user', function () {
            let user, originalReplaceState;
            let newLocation; // eslint-disable-line

            beforeEach(function () {
                user = this.server.create('user', {
                    slug: 'test-1',
                    name: 'Test User',
                    facebook: 'test',
                    twitter: '@test'
                });

                originalReplaceState = windowProxy.replaceState;
                windowProxy.replaceState = function (params, title, url) {
                    newLocation = url;
                };
                newLocation = undefined;
            });

            afterEach(function () {
                windowProxy.replaceState = originalReplaceState;
            });

            it('input fields reset and validate correctly', async function () {
                // test user name
                await visit('/settings/staff/test-1');

                expect(currentURL(), 'currentURL').to.equal('/settings/staff/test-1');
                expect(find('[data-test-name-input]').value, 'current user name').to.equal('Test User');

                expect(find('[data-test-save-button]').textContent.trim(), 'save button text').to.equal('Save');

                // test empty user name
                await fillIn('[data-test-name-input]', '');
                await blur('[data-test-name-input]');

                expect(find('.user-details-bottom .first-form-group').classList.contains('error'), 'username input is in error state with blank input').to.be.true;

                // test too long user name
                await fillIn('[data-test-name-input]', new Array(195).join('a'));
                await blur('[data-test-name-input]');

                expect(find('.user-details-bottom .first-form-group').classList.contains('error'), 'username input is in error state with too long input').to.be.true;

                // reset name field
                await fillIn('[data-test-name-input]', 'Test User');

                expect(find('[data-test-slug-input]').value, 'slug value is default').to.equal('test-1');

                await fillIn('[data-test-slug-input]', '');
                await blur('[data-test-slug-input]');

                expect(find('[data-test-slug-input]').value, 'slug value is reset to original upon empty string').to.equal('test-1');

                // Save changes
                await click('[data-test-save-button]');

                // Since we reset save button's status there's no on-screen indication
                // that we've had a save, check the request was fired instead
                let [lastRequest] = this.server.pretender.handledRequests.slice(-1);
                let params = JSON.parse(lastRequest.requestBody);

                expect(params.users[0].name).to.equal('Test User');

                // CMD-S shortcut works
                await fillIn('[data-test-name-input]', 'New Name');
                await keyDown('cmd+s');

                // Since we reset save button's status there's no on-screen indication
                // that we've had a save, check the request was fired instead
                [lastRequest] = this.server.pretender.handledRequests.slice(-1);
                params = JSON.parse(lastRequest.requestBody);

                // name should have been correctly set before save (we set on blur)
                expect(params.users[0].name, 'saved name').to.equal('New Name');

                await fillIn('[data-test-slug-input]', 'white space');
                await blur('[data-test-slug-input]');

                expect(find('[data-test-slug-input]').value, 'slug value is correctly dasherized').to.equal('white-space');

                await fillIn('[data-test-email-input]', 'thisisnotanemail');
                await blur('[data-test-email-input]');

                expect(find('.user-details-bottom .form-group:nth-of-type(3)').classList.contains('error'), 'email input should be in error state with invalid email').to.be.true;

                await fillIn('[data-test-email-input]', 'test@example.com');
                await fillIn('[data-test-location-input]', new Array(160).join('a'));
                await blur('[data-test-location-input]');

                expect(
                    find('[data-test-location-input]').closest('.form-group'),
                    'location input should be in error state'
                ).to.have.class('error');

                await fillIn('[data-test-location-input]', '');
                await fillIn('[data-test-website-input]', 'thisisntawebsite');
                await blur('[data-test-website-input]');

                expect(
                    find('[data-test-website-input]').closest('.form-group'),
                    'website input should be in error state'
                ).to.have.class('error');

                let testSocialInput = async function (type, input, expectedValue, expectedError = '') {
                    await fillIn(`[data-test-${type}-input]`, input);
                    await blur(`[data-test-${type}-input]`);

                    expect(
                        find(`[data-test-${type}-input]`).value,
                        `${type} value for ${input}`
                    ).to.equal(expectedValue);

                    expect(
                        find(`[data-test-error="user-${type}"]`).textContent.trim(),
                        `${type} validation response for ${input}`
                    ).to.equal(expectedError);

                    expect(
                        find(`[data-test-error="user-${type}"]`).closest('.form-group').classList.contains('error'),
                        `${type} input should be in error state with '${input}'`
                    ).to.equal(!!expectedError);
                };

                let testFacebookValidation = async (...args) => testSocialInput('facebook', ...args);
                let testTwitterValidation = async (...args) => testSocialInput('twitter', ...args);

                // Testing Facebook input

                // displays initial value
                expect(find('[data-test-facebook-input]').value, 'initial facebook value')
                    .to.equal('https://www.facebook.com/test');

                await focus('[data-test-facebook-input]');
                await blur('[data-test-facebook-input]');

                // regression test: we still have a value after the input is
                // focused and then blurred without any changes
                expect(find('[data-test-facebook-input]').value, 'facebook value after blur with no change')
                    .to.equal('https://www.facebook.com/test');

                await testFacebookValidation(
                    'facebook.com/username',
                    'https://www.facebook.com/username');

                await testFacebookValidation(
                    'testuser',
                    'https://www.facebook.com/testuser');

                await testFacebookValidation(
                    'ab99',
                    'https://www.facebook.com/ab99');

                await testFacebookValidation(
                    'page/ab99',
                    'https://www.facebook.com/page/ab99');

                await testFacebookValidation(
                    'page/*(&*(%%))',
                    'https://www.facebook.com/page/*(&*(%%))');

                await testFacebookValidation(
                    'facebook.com/pages/some-facebook-page/857469375913?ref=ts',
                    'https://www.facebook.com/pages/some-facebook-page/857469375913?ref=ts');

                await testFacebookValidation(
                    'https://www.facebook.com/groups/savethecrowninn',
                    'https://www.facebook.com/groups/savethecrowninn');

                await testFacebookValidation(
                    'http://github.com/username',
                    'http://github.com/username',
                    'The URL must be in a format like https://www.facebook.com/yourPage');

                await testFacebookValidation(
                    'http://github.com/pages/username',
                    'http://github.com/pages/username',
                    'The URL must be in a format like https://www.facebook.com/yourPage');

                // Testing Twitter input

                // loads fixtures and performs transform
                expect(find('[data-test-twitter-input]').value, 'initial twitter value')
                    .to.equal('https://twitter.com/test');

                await focus('[data-test-twitter-input]');
                await blur('[data-test-twitter-input]');

                // regression test: we still have a value after the input is
                // focused and then blurred without any changes
                expect(find('[data-test-twitter-input]').value, 'twitter value after blur with no change')
                    .to.equal('https://twitter.com/test');

                await testTwitterValidation(
                    'twitter.com/username',
                    'https://twitter.com/username');

                await testTwitterValidation(
                    'testuser',
                    'https://twitter.com/testuser');

                await testTwitterValidation(
                    'http://github.com/username',
                    'https://twitter.com/username');

                await testTwitterValidation(
                    '*(&*(%%))',
                    '*(&*(%%))',
                    'The URL must be in a format like https://twitter.com/yourUsername');

                await testTwitterValidation(
                    'thisusernamehasmorethan15characters',
                    'thisusernamehasmorethan15characters',
                    'Your Username is not a valid Twitter Username');

                // Testing bio input

                await fillIn('[data-test-website-input]', '');
                await fillIn('[data-test-bio-input]', new Array(210).join('a'));
                await blur('[data-test-bio-input]');

                expect(
                    find('[data-test-bio-input]').closest('.form-group'),
                    'bio input should be in error state'
                ).to.have.class('error');

                // password reset ------

                // button triggers validation
                await click('[data-test-save-pw-button]');

                expect(
                    find('[data-test-new-pass-input]').closest('.form-group'),
                    'new password has error class when blank'
                ).to.have.class('error');

                expect(
                    find('[data-test-error="user-new-pass"]').textContent,
                    'new password error when blank'
                ).to.have.string('can\'t be blank');

                // validates too short password (< 10 characters)
                await fillIn('[data-test-new-pass-input]', 'notlong');
                await fillIn('[data-test-ne2-pass-input]', 'notlong');

                // enter key triggers action
                await submitForm('[data-test-new-pass-input]');

                expect(
                    find('[data-test-new-pass-input]').closest('.form-group'),
                    'new password has error class when password too short'
                ).to.have.class('error');

                expect(
                    find('[data-test-error="user-new-pass"]').textContent,
                    'new password error when it\'s too short'
                ).to.have.string('at least 10 characters long');

                // validates unsafe password
                await fillIn('#user-password-new', 'ghostisawesome');
                await fillIn('[data-test-ne2-pass-input]', 'ghostisawesome');

                // enter key triggers action
                await submitForm('#user-password-new');

                expect(
                    find('#user-password-new').closest('.form-group'),
                    'new password has error class when password is insecure'
                ).to.have.class('error');

                expect(
                    find('[data-test-error="user-new-pass"]').textContent,
                    'new password error when it\'s insecure'
                ).to.match(/you cannot use an insecure password/);

                // typing in inputs clears validation
                await fillIn('[data-test-new-pass-input]', 'thisissupersafe');
                await triggerEvent('[data-test-new-pass-input]', 'input');

                expect(
                    find('[data-test-new-pass-input]').closest('.form-group'),
                    'password validation is visible after typing'
                ).to.not.have.class('error');

                // enter key triggers action
                await submitForm('[data-test-new-pass-input]');

                expect(
                    find('[data-test-ne2-pass-input]').closest('.form-group'),
                    'confirm password has error class when it doesn\'t match'
                ).to.have.class('error');

                expect(
                    find('[data-test-error="user-ne2-pass"]').textContent,
                    'confirm password error when it doesn\'t match'
                ).to.have.string('do not match');

                // submits with correct details
                await fillIn('[data-test-ne2-pass-input]', 'thisissupersafe');
                await click('[data-test-save-pw-button]');

                // hits the endpoint
                let [newRequest] = this.server.pretender.handledRequests.slice(-1);
                params = JSON.parse(newRequest.requestBody);

                expect(newRequest.url, 'password request URL')
                    .to.match(/\/users\/password/);

                // eslint-disable-next-line camelcase
                expect(params.password[0].user_id).to.equal(user.id.toString());
                expect(params.password[0].newPassword).to.equal('thisissupersafe');
                expect(params.password[0].ne2Password).to.equal('thisissupersafe');

                // clears the fields
                expect(
                    find('[data-test-new-pass-input]').value,
                    'password field after submit'
                ).to.be.empty;

                expect(
                    find('[data-test-ne2-pass-input]').value,
                    'password verification field after submit'
                ).to.be.empty;

                // displays a notification
                expect(
                    findAll('.gh-notifications .gh-notification').length,
                    'password saved notification is displayed'
                ).to.equal(1);
            });

            it('warns when leaving without saving', async function () {
                await visit('/settings/staff/test-1');

                expect(currentURL(), 'currentURL').to.equal('/settings/staff/test-1');

                await fillIn('[data-test-slug-input]', 'another slug');
                await blur('[data-test-slug-input]');

                expect(find('[data-test-slug-input]').value).to.be.equal('another-slug');

                await fillIn('[data-test-facebook-input]', 'testuser');
                await blur('[data-test-facebook-input]');

                expect(find('[data-test-facebook-input]').value).to.be.equal('https://www.facebook.com/testuser');

                await visit('/settings/staff');

                expect(findAll('[data-test-modal]').length, 'modal exists').to.equal(1);

                // Leave without saving
                await click('[data-test-modal="unsaved-settings"] [data-test-leave-button]');

                expect(currentURL(), 'currentURL').to.equal('/settings/staff');

                await visit('/settings/staff/test-1');

                expect(currentURL(), 'currentURL').to.equal('/settings/staff/test-1');

                // settings were not saved
                expect(find('[data-test-slug-input]').value).to.be.equal('test-1');
                expect(find('[data-test-facebook-input]').value).to.be.equal('https://www.facebook.com/test');
            });

            it('cannot see email alerts for other user', async function () {
                await visit('/settings/staff/test-1');
                expect(find('[data-test-checkbox="free-signup-notifications"]'), 'free signup alert').to.not.exist;
                expect(find('[data-test-checkbox="paid-started-notifications"]'), 'paid start alert').to.not.exist;
                expect(find('[data-test-checkbox="paid-canceled-notifications"]'), 'paid cancel alert').to.not.exist;
            });
        });

        describe('own user', function () {
            it('requires current password when changing password', async function () {
                await visit(`/settings/staff/${admin.slug}`);

                // test the "old password" field is validated
                await click('[data-test-save-pw-button]');

                // old password has error
                expect(
                    find('[data-test-old-pass-input]').closest('.form-group'),
                    'old password has error class when blank'
                ).to.have.class('error');

                expect(
                    find('[data-test-error="user-old-pass"]').textContent,
                    'old password error when blank'
                ).to.have.string('is required');

                // new password has error
                expect(
                    find('[data-test-new-pass-input]').closest('.form-group'),
                    'new password has error class when blank'
                ).to.have.class('error');

                expect(
                    find('[data-test-error="user-new-pass"]').textContent,
                    'new password error when blank'
                ).to.have.string('can\'t be blank');

                // validation is cleared when typing
                await fillIn('[data-test-old-pass-input]', 'password');
                await triggerEvent('[data-test-old-pass-input]', 'input');

                expect(
                    find('[data-test-old-pass-input]').closest('.form-group'),
                    'old password validation is in error state after typing'
                ).to.not.have.class('error');
            });

            it('can toggle email alerts for own user', async function () {
                await visit(`/settings/staff/${admin.slug}`);
                expect(find('[data-test-checkbox="free-signup-notifications"]')).to.not.be.checked;
                expect(find('[data-test-checkbox="paid-started-notifications"]')).to.not.be.checked;
                expect(find('[data-test-checkbox="paid-canceled-notifications"]')).to.not.be.checked;
                expect(find('[data-test-checkbox="mention-notifications"]')).to.not.be.checked;
                expect(find('[data-test-checkbox="milestone-notifications"]')).to.not.be.checked;

                await click('[data-test-label="free-signup-notifications"]');
                await click('[data-test-label="paid-started-notifications"]');
                await click('[data-test-label="paid-canceled-notifications"]');
                await click('[data-test-label="mention-notifications"]');
                await click('[data-test-label="milestone-notifications"]');
                await click('[data-test-save-button]');

                await visit(`/settings/staff/${admin.slug}`);

                expect(find('[data-test-checkbox="free-signup-notifications"]')).to.be.checked;
                expect(find('[data-test-checkbox="paid-started-notifications"]')).to.be.checked;
                expect(find('[data-test-checkbox="paid-canceled-notifications"]')).to.be.checked;
                expect(find('[data-test-checkbox="mention-notifications"]')).to.be.checked;
                expect(find('[data-test-checkbox="milestone-notifications"]')).to.be.checked;
            });
        });

        it('redirects to 404 when user does not exist', async function () {
            this.server.get('/users/slug/unknown/', function () {
                return new Response(404, {'Content-Type': 'application/json'}, {errors: [{message: 'User not found.', type: 'NotFoundError'}]});
            });

            await visit('/settings/staff/unknown');

            expect(currentRouteName()).to.equal('error404');
            expect(currentURL()).to.equal('/settings/staff/unknown');
        });
    });

    describe('when logged in as owner', function () {
        let admin, adminRole, ownerRole;

        beforeEach(async function () {
            this.server.loadFixtures('roles');
            this.server.loadFixtures('settings');
            adminRole = this.server.schema.roles.find(1);
            enableMembers(this.server);
            enableStripe(this.server);
            ownerRole = this.server.create('role', {name: 'Owner'});

            admin = this.server.create('user', {email: 'admin@example.com', roles: [ownerRole]});

            // add an expired invite
            this.server.create('invite', {expires: moment.utc().subtract(1, 'day').valueOf(), role: adminRole});

            return await authenticateSession();
        });

        describe('existing user', function () {
            beforeEach(function () {
                this.server.create('user', {
                    slug: 'test-1',
                    name: 'Test User',
                    facebook: 'test',
                    twitter: '@test'
                });
            });

            it('cannot see email alerts for other user', async function () {
                await visit('/settings/staff/test-1');
                expect(find('[data-test-checkbox="free-signup-notifications"]'), 'free signup alert').to.not.exist;
                expect(find('[data-test-checkbox="paid-started-notifications"]'), 'paid start alert').to.not.exist;
                expect(find('[data-test-checkbox="paid-canceled-notifications"]'), 'paid cancel alert').to.not.exist;
            });
        });

        describe('own user', function () {
            it('can toggle email alerts for own user', async function () {
                await visit(`/settings/staff/${admin.slug}`);
                expect(find('[data-test-checkbox="free-signup-notifications"]')).to.not.be.checked;
                expect(find('[data-test-checkbox="paid-started-notifications"]')).to.not.be.checked;
                expect(find('[data-test-checkbox="paid-canceled-notifications"]')).to.not.be.checked;

                await click('[data-test-label="free-signup-notifications"]');
                await click('[data-test-label="paid-started-notifications"]');
                await click('[data-test-label="paid-canceled-notifications"]');

                await click('[data-test-save-button]');
                await visit(`/settings/staff/${admin.slug}`);

                expect(find('[data-test-checkbox="free-signup-notifications"]')).to.be.checked;
                expect(find('[data-test-checkbox="paid-started-notifications"]')).to.be.checked;
                expect(find('[data-test-checkbox="paid-canceled-notifications"]')).to.be.checked;
            });
        });
    });

    describe('when logged in as author', function () {
        let adminRole, authorRole;

        beforeEach(async function () {
            adminRole = this.server.create('role', {name: 'Administrator'});
            authorRole = this.server.create('role', {name: 'Author'});
            this.server.create('user', {roles: [authorRole]});

            this.server.get('/invites/', function () {
                return new Response(403, {}, {
                    errors: [{
                        type: 'NoPermissionError',
                        message: 'You do not have permission to perform this action'
                    }]
                });
            });

            return await authenticateSession();
        });

        it('is redirected to user profile page', async function () {
            this.server.create('user', {roles: [adminRole]});
            this.server.create('invite', {role: authorRole});

            await visit('/settings/staff');

            expect(currentRouteName()).to.equal('settings.staff.user');
            expect(findAll('.gh-alert').length).to.equal(0);
        });
    });
});
